136 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8720
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wcBlake2bHmacFinal and wcBlake2sHmacFinal discard the message when the key length exceeds the block size, producing a MAC that is independent of the input. When...
CVE-2026-53041
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...
EUVD-2025-210287
Microsoft HEIF Image Extensions 1.2.22.0 has an out-of-bounds read because CHEIFItemInfoEntryGetDataSize can return success while leaving the reported data size as 0. This causes a caller to make a 1-byte allocation. Later, CopyPixels computes copysize = stride absroiheight but does not check the...
Linux Distros Unpatched Vulnerability : CVE-2026-43118
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - btrfs: fix zero size inode with non-zero size after log replay When logging that an inode exists, as part of logging a new name or logging new dir entries for a...
Amazon Linux 2023 : below (ALAS2023-2026-1567)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1567 advisory. tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As par...
Amazon Linux 2023 : cargo-c (ALAS2023-2026-1566)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1566 advisory. tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is nonzero. As par...
Security Bulletin: IBM Integration Designer is vulnerable to incorrect Calculation of Buffer Size (CVE-2026-1188)
Summary Vulnerability in the IBM® Runtime Environment Java™ Version 8 used by IBM Integration Designer. IBM Integration Designer has addressed CVE-2026-1188. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an API function to...
USN-8056-1: U-Boot vulnerabilities
Simon Diepold discovered that U-Boot incorrectly handled certain DHCP responses. An attacker on the local network could possibly use this issue to obtain sensitive memory contents. CVE-2024-42040 It was discovered that U-Boot incorrectly handled symlink size calculations in squashfs file systems...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005178)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005178 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfsfindentry Syzbot reported that when...
MiracleLinux 8 : java-17-openjdk-17.0.13.0.11-3.el8 (AXSA:2024-8948:16)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8948:16 advisory. giflib: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function CVE-2023-48161 JDK: Array indexing integer overflow 8328544 CVE-2024-212...
RLSA-2026:0695 Moderate: libpq security update
The libpq package provides the PostgreSQL client library, which allows client programs to connect to PostgreSQL servers. Security Fixes: postgresql: libpq undersizes allocations, via integer wraparound CVE-2025-12818 For more details about the security issues, including the impact, a CVSS score,...
MiracleLinux 4 : tomcat6-6.0.24-24.AXS4 (AXSA:2011-87:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-87:01 advisory. Tomcat is the servlet container that is used in the official Reference Implementation for the Java Servlet and JavaServer Pages technologies. The Java...
DEBIAN-CVE-2025-65495
Integer signedness error in tlsverifycallback in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted TLS certificate that causes i2dX509 to return -1 and be misused as a malloc size parameter...
TencentOS Server 4: frr (TSSA-2025:0329)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0329 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: libqb (TSSA-2025:0134)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0134 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2025-36461
Multiple out-of-bounds read and write vulnerabilities exist in the ControlVault WBDI Driver Broadcom Storage Adapter functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted WinBioControlUnit call can lead to memory corruption. An...
Siemens SIMATIC Devices Incorrect Calculation of Buffer Size (CVE-2024-35988)
riscv: Fix TASKSIZE on 64-bit NOMMU. On NOMMU, userspace memory can come from anywhere in physical RAM. The current definition of TASKSIZE is wrong if any RAM exists above 4G, causing spurious failures in the userspace access routines. This plugin only works with Tenable.ot. Please visit...
EUVD-2017-18134
Malware in sbrugna...
EUVD-2017-2726
Malware in sbrugna...
EUVD-2019-16235
Malware in sbrugna...